SEC+ Revision Questions Securing the Network Infrastructure

Question 1

You are a guest at a hotel offering free Wi-Fi Internet access to guests. You connect to the wireless network at full signal strength and obtain a valid TCP/IP configuration. When you try to access Internet web sites, a web page displays instead asking for a code before allowing access to the Internet. What type of network component is involved in providing this functionality?
A. DHCP server
B. NAT
C. Proxy server
D. Switch

Answer 1

C. Proxy server

Question 2

You are configuring a wireless router at a car repair shop so that waiting customers can connect to the Internet. You want to ensure wireless clients can connect to the Internet but cannot connect to internal computers owned by the car repair shop. Where should you plug in the wireless router?
A. LAN
B. Port 24 on the switch
C. Port 1 on the switch
D. DMZ

Answer 2

D. DMZ

Question 3

What will detect network or host intrusions and take actions to prevent the intrusion from succeeding?
A. IPS
B. IDS
C. IPSec
D. DMZ

Answer 3

A. IPS

Question 4

What technology uses a single external IP address to represent many computers on an internal network?
A. IPSec
B. DHCP
C. NAT
D. NIDS

Answer 4

C. NAT

Question 5

You must purchase a network device that supports content filtering and virus defense for your LAN. What should you choose?
A. NAT router
B. HIPS
C. Web security gateway
D. Packet filtering firewall

Answer 5

C. Web security gateway

Question 6

You have been asked to somehow separate Engineering departmental network traffic from Accounting departmental traffic because of a decrease in network throughput. What should you use?
A. VLAN
B. DMZ
C. NAT
D. VPN

Answer 6

A. VLAN

Question 7

Based on the following LAN firewall rule set, choose the best description: Allow inbound TCP 3389
Allow outbound TCP 80 Allow outbound TCP 443
A. LAN users can connect to external FTP sites. External users can use RDP to connect to LAN computers.
B. LAN users can connect to external SMTP servers. External users can use LDAP to connect to LAN computers.
C. LAN users can connect to external web servers. External users can use RDP to connect to LAN computers.
D. LAN users can connect to external proxy servers. External users can use IPSec to connect to LAN computers.

Answer 7

C. LAN users can connect to external web servers. External users can use RDP to connect to LAN computers.

Question 8

Which tool would allow you to capture and view network traffic?
A. Vulnerability scanner
B. Port scanner
C. Protocol analyser
D. NAT

Answer 8

C. Protocol analyser

Question 9

You are reviewing router configurations to ensure they comply with corporate security policies. You notice the routers are configured to load their configurations using TFTP and also that TCP port 22 is enabled. What security problem exists with these routers?
A. Telnet should be disabled.
B. Telnet should have a password configured.
C. TFTP is an insecure protocol.
D. Telnet should limit concurrent logins to 1.

Answer 9

C. TFTP is an insecure protocol.

Question 10

A router must be configured to allow traffic only from certain hosts. How can this be accomplished?
A. ACL
B. Subnet
C. Proxy server
D. NAT

Answer 10

A. ACL

Question 11

Which technologies allow analysis of network traffic? (Choose two.)
A. Port scanner
B. Sniffer
C. DMZ
D. NIDS

Answer 11

B. Sniffer
&
D. NIDS

Question 12

Sylvia’s workstation has been moved to a new cubicle. On Monday morning, Sylvia reports that even though the network card is plugged into the network jack, there is no link light on the network card. What is the problem?
A. The workstation has an APIPA address. Issue the ipconfig / renew command.
B. The default gateway has not been set.
C. Sylvia must first log on to the domain.
D. Since the MAC address has changed, switch port security has disabled the port.

Answer 12

D. Since the MAC address has changed, switch port security has disabled the port.

Question 13

You need a method of authenticating Windows 7 workstations before allowing local LAN access. What should you use?
A. VPN concentrator
B. Router
C. 802.1x-compliant switch
D. Proxy server

Answer 13

C. 802.1x-compliant switch

Question 14

An attacker sends thousands of TCP SYN packets with unreachable source IP addresses to a server. After consuming server resources with this traffic, legitimate traffic can no longer reach the server. What can prevent this type of attack?
A. Packet filtering firewall
B. Proxy server
C. Antivirus software
D. SYN flood protection

Answer 14

D. SYN flood protection

Question 15

A junior IT employee links three network switches together such that each switch connects to the two others. As a result, the network is flooded with useless traffic. What can prevent this situation?
A. Web application firewall
B. Loop protection
C. SYN flood guard
D. Router ACL

Answer 15

B. Loop protection

Question 16

Your boss asks that specific HTTP traffic be monitored and blocked. What should you use?
A. Web application firewall
B. Protocol analyzer
C. Packet filtering firewall
D. Layered security/defense in depth

Answer 16

A. Web application firewall

Question 17

A high school principal insists on preventing student access to known malware web sites. How can this be done?
A. DMZ
B. URL filtering
C. DNS forwarding
D. 802.1x-compliant switch

Answer 17

B. URL filtering

Question 18

Which of the following scenarios best describes implicit deny?
A. Allow network access if it is 802.1x authenticated.
B. Block outbound network traffic destined for TCP port 25.
C. Block network traffic unless specifically permitted.
D. Allow network traffic unless specifically forbidden.

Answer 18

C. Block network traffic unless specifically permitted.

Question 19

A university student has a wired network connection to a restrictive university network. At the same time, the student is connected to a Wi-Fi hotspot for a nearby coffee shop that allows unrestricted Internet access. What potential problem exists in this case?
A. The student computer could link coffee shop patrons to the university network.
B. The student computer could override the university default gateway setting.
C. Encrypted university transmissions could find their way onto the Wi-Fi network.
D. Encrypted coffee shop transmissions could find their way onto the university network.

Answer 19

A. The student computer could link coffee shop patrons to the university network.

Question 20

Which network device encrypts and decrypts network traffic over an unsafe network to allow access to private LANs?
A. Proxy server
B. IPSec
C. VPN concentrator
D. TPM

Answer 20

C. VPN concentrator

Question 21

You suspect malicious activity on your DMZ. In an effort to identify the offender, you have intentionally configured an unpatched server to attract further attention. What term describes what you have configured?
A. Honeynet
B. Logging server
C. Exploit
D. Honeypot

Answer 21

D. Honeypot

Question 22

Your NIDS incorrectly reports legitimate network traffic as being suspicious. What is this known as?
A. False positive
B. Explicit false
C. False negative
D. Implicit false

Answer 22

A. False positive

Question 23

Your corporate network access policy states that all connecting devices require a host-based firewall, an antivirus scanner, and the latest operating system updates. You would like to prevent noncompliant devices from connecting to your network. What solution should you consider?
A. NIDS
B. NAC
C. VLAN
D. HIDS

Answer 23

B. NAC

Question 24

Which of the following are true regarding NAT? (Choose two.)
A. The NAT client is unaware of address translation.
B. The NAT client is aware of address translation.
C. Internet hosts are unaware of address translation.
D. NAT provides a layer.

Answer 24

A. The NAT client is unaware of address translation.
&
C. Internet hosts are unaware of address translation.

Question 25

You are a sales executive for a real estate firm. One of your clients calls you wondering why you have not e-mailed them critical documentation regarding a sale. You check your mail program to verify the message was sent two days ago. You also verify the message was not sent back to you as undeliverable. You tell your client that you did in fact send the message. What should you next tell your client?
A. Clean your mailbox; there is no room for new incoming mail.
B. Wait a few hours; Internet e-mail is slow.
C. NAT might have prevented the message from being delivered.
D. Check your junk mail; antispam software sometimes incorrectly identifies legitimate mail as spam.

Answer 25

D. Check your junk mail; antispam software sometimes incorrectly identifies legitimate mail as spam.

Question 26

You are an IT network consultant. You install a new wireless network for a hotel. What must you do to prevent wireless network users from gaining administrative access to wireless routers?
A. Apply MAC filtering.
B. Disable SSID broadcasting.
C. Change the admin password.
D. Enable WPA.

Answer 26

C. Change the admin password.

Question 27

You are an IT specialist with a law enforcement agency. You have tracked illegal Internet activity down to an IP address. Detectives would like to link a person to the IP address in order to secure an arrest warrant. Which of the following are true regarding this situation? (Choose two.)
A. The IP address might be that of a NAT router or a proxy server.
B. The IP address could not have been spoofed; otherwise, it would not have reached its destination.
C. IP addresses can be traced to a regional ISP.
D. IP addresses are unique for every individual device connecting to the Internet.

Answer 27

A. The IP address might be that of a NAT router or a proxy server.
&
C. IP addresses can be traced to a regional ISP.

Question 28

Your IT security director asks you to configure packet encryption for your internal network. She expresses concerns about how existing packet filtering firewall rules might affect this encrypted traffic. How would you respond to her concerns?
A. Encrypted packets will not be affected by existing packet filtering firewall rules.
B. Encrypted packet headers could prevent outbound traffic from leaving the internal network.
C. Encrypted packet payloads will prevent outbound traffic from leaving the internal network.
D. Inbound encrypted traffic will be blocked by the firewall.

Answer 28

B. Encrypted packet headers could prevent outbound traffic from leaving the internal network.

Question 29

You are configuring inbound firewall rules on a Linux host. Which command-line tool would you use?

Answer 29

Iptables

Question 30

You are configuring inbound firewall rules on a Windows host. Which command-line tool would you use?

Answer 30

Netsh

Question 31

Acme Inc. has hired you to implement security solutions as recommended by the findings of a network security audit. Stations connecting to the network must have a host-based firewall
enabled and must have an up-to-date antivirus solution installed. What should you implement?
A. ACL
B. NAC
C. 802.1x
D. VLAN

Answer 31

B. NAC

Question 32

Acme Inc. has hired you to implement security solutions as recommended by the findings of a network security audit. Stations used by Accounting staff should not be able to communicate with other stations on the network. What should you implement?
A. ACL
B. NAC
C. 802.1x
D. VLAN

Answer 32

D. VLAN

Question 33

Acme Inc. has hired you to implement security solutions as recommended by the findings of a network security audit. Currently, any station plugged into a switch can communicate on the network without any type of authentication. Acme Inc. would like to limit network
communications by connecting stations until they have been authenticated. What should you implement?
A. ACL
B. NAC
C. 802.1x
D. VLAN

Answer 33

C. 802.1x

Question 34

Acme Inc. has hired you to implement security solutions as recommended by the findings of a network security audit. Currently, all users have read access to project files on the main file
server. Your configuration must ensure that only members of the Project Managers group have access to project files. What should you implement?
A. ACL
B. NAC
C. 802.1x
D. VLAN

Answer 34

A. ACL